spf-discuss

Re: SPF is not usable as legal measure against spammers.

2004-07-15 11:09:10
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 14 July 2004 10:48 am, Nico Kadel-Garcia wrote:

From: "Jonathan Gardner" <jonagard(_at_)amazon(_dot_)com>

How is it possible to lie? Only the domain owners are allowed to
publish DNS
records for their domain. The domain owners assert via SPF that mail
going through specific servers is their mail. I must be missing the
part where someone else can publish SPF records for you, and claim mail
servers you don't trust are allowed to send email for you. I don't see
how that is possible.

You lie about your hostname, your IP address, your reverse PTR records,
or take advantage of a less restrictive domain allowed to post as the
domain in question. Or you interfere with the published DNS of the site
in question, since DNS is not overall designed for robust authentication
of other people's zone information.


I'm intrigued by this. Maybe you should tell us exactly how you are able to 
lie about these things.

If there are vulnerabilities in the internet that allow you to claim an IP 
address that isn't yours, modify reverse PTR records that aren't yours, or 
publish DNS records for domains that aren't yours, then we have some major 
vulnerabilities that threaten the internet itself.

Please, share your information, we'd be glad to see it.

- -- 
Jonathan M. Gardner
Mass Mail Systems Developer, Amazon.com
jonagard(_at_)amazon(_dot_)com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFA9shGBFeYcclU5Q0RAhBXAKCdXT+f9xJ7SZj+mzE8jxfstYDX6ACgmxcy
cqDCmLkyaPw878pO4fZ7w7c=
=UcLx
-----END PGP SIGNATURE-----

